Collecting Cybersecurity IntelligenceThis course teaches how to design and implement a system of cybersecurity intelligence collection and analysis and collect data from network-based and host-based intelligence sources.
Course descriptionEven with the most thorough testing of a security infrastructure, at some point there will be problems. You may be able to stop them as they occur and before they cause any damage, or you may have to deal with investigation of an incident that you were unable to stop. At all times, having good security intelligence will help you keep your systems secure or make them secure again.
Collect Data from Host-Based Intelligence Sources
Video - 00:11:00
Server and workstation logs can also provide intelligence that can be used to identify TTPs and IOCs.
Collect Data from Network-Based Intelligence Sources
Video - 00:11:00
Switches, routers and other network device logs and traffic analysis can identify threats and intrusions.
Deploy a Security Intelligence Collection and Analysis Platform
Video - 00:22:00
Most systems collect information in log files that can be used to identify unusual, suspicious or malicious activity. Developing an automated system, such as an IDS, IPS or SIEM to analyze this information is a critical step in intelligence gathering.
Associated NICE Work Roles
All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.
- All-Source Analyst
- Mission Assessment Specialist
- Exploitation Analyst
Plans & pricing
- Team administration and reporting
- Dedicated client success manager
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps